﻿<!--#include file="include/conn_f.asp"-->
<!--#include file="include/crypt.asp"-->
<!--#include file="top.asp"-->
<!--#include file="left.asp"-->
<center>
    <%
orderid=saferequest("orderid",1)
cust_id=Session("cust_id")
If cust_id<>"" Then
    sql_balance="select balance,very_code,MD5(cust_id+balance+325.61) as very_md5 from customer where cust_id="&cust_id
    Set rs_balance=conn.execute(sql_balance)
    If Not rs_balance.eof Then
        balance=ccur(rs_balance("balance"))
        'If rs_balance("very_code")<>rs_balance("very_md5") Then
        '	Dim MailObject 
            'Set MailObject = Server.CreateObject("CDONTS.NewMail") 
            'MailObject.From="no-reply@cardinchina.com"	'发件邮址 
            'MailObject.To="davidxiao_1979@hotmail.com" '收件人 
            'MailObject.Subject="可疑入侵!-定单:"&orderid 
            'MailObject.Body=cust_id
            'MailObject.MailFormat = 0
            'MailObject.BodyFormat = 0
            'MailObject.Send '发送邮件 

        '	Set msg = Server.CreateOBject( "JMail.Message" )
        '	msg.Logging = true
        '	msg.silent = true
        '	msg.Charset = "gbk"
        '	msg.From = "no-reply@cardinchina.com"
        '	msg.FromName = "游龙网-警报"
        '	msg.MailServerUserName = "no-reply@cardinchina.com"
        '	msg.MailServerPassword = "max3124"
        '	msg.AddRecipient "davidxiao_1979@hotmail.com"
        '	msg.Subject = "可疑入侵!-定单:"&orderid 
        '	msg.HTMLBody = mailbody
        '	msg.Send("mail.cardinchina.com" )
        ''	Response.Write "数据有错,请联系客户服务(BV1001)!"
        '	Response.End
        'End If
    Else
        Response.Write "数据有错,请联系客户服务(BV1002)!"
        Response.End
    End If
    
    'sql_balance_check="select balance from balance_detail where cust_id="&cust_id&" order by balance_id desc"
    'Set rs_balance_check=conn.execute(sql_balance_check)
    'If Not rs_balance_check.eof Then
    '	balance_check=ccur(rs_balance_check("balance"))
    'Else
    '	balance_check=-1
    'End If
    'If balance<>balance_check Then
    '	Response.Write "数据有错,请联系客户服务(BV1003)!"
    '	Response.End
    'End If

    sql="select *  FROM orders where orders_id="&orderid
    Set rs=conn.execute(sql)
    If Not rs.eof Then
        amount=rs("total_amount")
        pay_status=rs("pay_status")
    End If
    If pay_status=1 Then
        Response.Write "此定单已经付款,请不要重复付款!"
        Response.End
    End If
    If balance>=amount and amount>0 Then
        '扣款
        sql="update customer set balance=balance-"&amount&",very_code=MD5(cust_id+balance+325.61) where cust_id="&cust_id
        conn.execute sql
        sql_balance="select balance from customer where cust_id="&rs("cust_id")
        Set rs_balance=conn.execute(sql_balance)
        newbalance=rs_balance("balance")
        sql="insert into balance_detail(orders_id,cust_id,amount,deposit_type,balance,deposit_method,status,deposit_time,md5) values("
        sql=sql&orderid&","&cust_id&",-"&amount&",-1,"&newbalance&",1,1,now(),' ')"
        conn.execute sql
        sql="update orders set pay_method=9,pay_status=1,very_code=MD5(orders_id+1+432.48) where orders_id="&orderid
        conn.execute sql
    %>
    <script language="javascript">
        function self_pick() {
            window.location.href = 'processing.asp';
        }
        setInterval("self_pick()", 3000);

    </script>
    <%
        Response.Write "支付成功!您现在帐户余额是:"&newbalance&"<br />"
        Response.Write "本次消费金额:"&amount&"<br />"
        Response.Write "<br /><a href='processing.asp'>自助提货&gt;&gt;</a>"
        
    Else
        Response.Write "您会员帐号上的余额不足.请<a href='deposit.asp'>充值</a>!"
    End If
Else
    Response.Write "请先<a href='login.asp'>登录</a>网站支付!"	
End If
    %>
    <!--#include file="bottom.asp"-->
